i dont need the full details but enough so i know they are stored safely.
Sure, I'm including a response I gave to this previously:
We encrypt your keys with the passphrase and store them in our database, but we never store the passphrase anywhere, so in the highly unlikely event that our database is ever compromised, the potential attacker would have no way getting your original API keys and your funds would therefore be safe.
From now on, each time you start the bot you'll be prompted for the passphrase. We use that to decrypt the keys and send them directly to the bot instance without storing them anywhere. They are not written to disk and only kept in-memory by the bot instance.
We think that this is a good compromise over having to enter your API keys every time; and obviously much better than storing them in the clear.